CVEs from 2021
Total
4,791
critical
critical 281
high
high 1,022
medium
medium 1,179
low
low 138
% Critical
5.9%
% with KEV
4.4%
% with exploit
5.3%
Top vendors
Top products
- simatic_wincc_runtime_advanced 28
- office 13
- primavera_gateway 10
- weblogic_server 9
- primavera_unifier 8
- modicon_m340_bmxp342020 8
- log4j 8
- mbed_tls 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1799 | medium | — | 5.5 | 5y ago | A port redirection issue was addressed with additional port validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, watch… | |||
| CVE-2021-20197 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-3487 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-20284 | medium | — | 5.5 | 5y ago | RHSA-2021:4364: binutils security update (Moderate) | |||
| CVE-2021-35942 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-27645 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33574 | medium | — | 5.5 | 5y ago | RHSA-2021:4358: glibc security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33033 | medium | — | 5.5 | 5y ago | The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd.… | |||
| CVE-2021-20239 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest … | |||
| CVE-2021-31829 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific co… | |||
| CVE-2021-3600 | medium | — | 5.5 | 5y ago | It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… | |||
| CVE-2021-31916 | medium | — | 5.5 | 5y ago | An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker… | |||
| CVE-2021-29650 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/… | |||
| CVE-2021-3564 | medium | — | 5.5 | 5y ago | A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to c… | |||
| CVE-2021-23133 | medium | — | 5.5 | 5y ago | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_des… | |||
| CVE-2021-3573 | medium | — | 5.5 | 5y ago | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregist… | |||
| CVE-2021-3348 | medium | — | 5.5 | 5y ago | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O requ… | |||
| CVE-2021-3489 | medium | — | 5.5 | 5y ago | The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes withi… | |||
| CVE-2021-31440 | medium | — | 5.5 | 5y ago | This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the tar… | |||
| CVE-2021-28950 | medium | — | 5.5 | 5y ago | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. | |||
| CVE-2021-28971 | medium | — | 5.5 | 5y ago | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PE… | |||
| CVE-2021-3679 | medium | — | 5.5 | 5y ago | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (… | |||
| CVE-2021-29646 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel before 5.11.11. tipc_nl_retrieve_key in net/tipc/node.c does not properly validate certain data sizes, aka CID-0217ed2848e8. | |||
| CVE-2021-29155 | medium | — | 5.5 | 5y ago | An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spe… | |||
| CVE-2021-3635 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands. | |||
| CVE-2021-3659 | medium | — | 5.5 | 5y ago | A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash t… | |||
| CVE-2021-3732 | medium | — | 5.5 | 5y ago | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not… | |||
| CVE-2021-33200 | medium | — | 5.5 | 5y ago | kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and write… | |||
| CVE-2021-20194 | medium | — | 5.5 | 5y ago | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARD… | |||
| CVE-2021-0129 | medium | — | 5.5 | 5y ago | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | |||
| CVE-2021-39365 | medium | — | 5.5 | 5y ago | RHSA-2021:4339: grilo security update (Moderate) | |||
| CVE-2021-31535 | medium | — | 5.5 | 5y ago | RHSA-2021:4326: libX11 security update (Moderate) | |||
| CVE-2021-28091 | medium | — | 5.5 | 5y ago | RHSA-2021:4325: lasso security and enhancement update (Moderate) | |||
| CVE-2021-3571 | medium | — | 5.5 | 5y ago | RHSA-2021:4321: linuxptp security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-37619 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-37618 | medium | — | 5.5 | 5y ago | RHSA-2021:4319: compat-exiv2-026 security update (Moderate) | |||
| CVE-2021-31808 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-33620 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28651 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28652 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-28662 | medium | — | 5.5 | 5y ago | RHSA-2021:4292: squid:4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29922 | medium | — | 5.5 | 5y ago | RHSA-2021:4270: rust-toolset:rhel8 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-26690 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service | |||
| CVE-2021-30641 | medium | — | 5.5 | 5y ago | Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching behavior with 'MergeSlashes OFF' | |||
| CVE-2021-3575 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-29338 | medium | — | 5.5 | 5y ago | RHSA-2021:4251: openjpeg2 security update (Moderate) | |||
| CVE-2021-26927 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-3272 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-26926 | medium | — | 5.5 | 5y ago | RHSA-2021:4235: jasper security update (Moderate) | |||
| CVE-2021-21702 | medium | — | 5.5 | 5y ago | RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-20095 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-3595 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3593 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is sm… | |||
| CVE-2021-3592 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is s… | |||
| CVE-2021-3594 | medium | — | 5.5 | 5y ago | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is sma… | |||
| CVE-2021-3631 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3667 | medium | — | 5.5 | 5y ago | RHSA-2021:4191: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3181 | medium | — | 5.5 | 5y ago | RHSA-2021:4181: mutt security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-32617 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3482 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29457 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29623 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29464 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29463 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29470 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29458 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29473 | medium | — | 5.5 | 5y ago | RHSA-2021:4173: exiv2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-3481 | medium | — | 5.5 | 5y ago | RHSA-2021:4172: qt5 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-29921 | medium | — | 5.5 | 5y ago | In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is bas… | |||
| CVE-2021-3448 | medium | — | 5.5 | 5y ago | RHSA-2021:4153: dnsmasq security and bug fix update (Moderate) | |||
| CVE-2021-3444 | medium | — | 5.5 | 5y ago | The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs c… | |||
| CVE-2021-28210 | medium | — | 5.5 | 5y ago | RHSA-2021:4198: edk2 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-46983 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, a retry … | |||
| CVE-2021-29657 | medium | — | 5.5 | 5y ago | arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a75… | |||
| CVE-2021-33098 | medium | — | 5.5 | 5y ago | Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. | |||
| CVE-2021-47080 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prevent divide-by-zero error triggered by the user The user_entry_size is supplied by the user and later used as a den… | |||
| CVE-2021-47011 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: mm: memcontrol: slab: fix obtain a reference to a freeing memcg Patch series "Use obj_cgroup APIs to charge kmem pages", v5. Sin… | |||
| CVE-2021-46905 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145 ("net: hso: fix null-ptr-deref during tty device unregistra… | |||
| CVE-2021-4442 | medium | — | 5.5 | 5y ago | In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ _after_ restoring data … | |||
| CVE-2021-41174 | medium | — | 5.5 | 5y ago | cross-site scripting in grafana | |||
| CVE-2021-33929 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_disabled_solvable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33938 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function prune_to_recommended in src/policy.c in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33928 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-33930 | medium | — | 5.5 | 5y ago | Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service. | |||
| CVE-2021-20254 | medium | — | 5.5 | 5y ago | RHSA-2021:4058: samba security update (Moderate) | |||
| CVE-2021-22947 | medium | — | 5.5 | 5y ago | When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that c… | |||
| CVE-2021-22946 | medium | — | 5.5 | 5y ago | A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSES… | |||
| CVE-2021-42771 | medium | — | 5.5 | 5y ago | RHSA-2021:4201: babel security and bug fix update (Moderate) | |||
| CVE-2021-35550 | medium | — | 5.5 | 5y ago | RHSA-2022:0970: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2021-42135 | medium | — | 5.5 | 5y ago | Incorrect Privilege Assignment in HashiCorp Vault in github.com/hashicorp/vault | |||
| CVE-2021-41802 | medium | — | 5.5 | 5y ago | Hashicorp Vault Privilege Escalation Vulnerability in github.com/hashicorp/vault | |||
| CVE-2021-41136 | medium | — | 5.5 | 5y ago | Puma is a HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using `puma` with a proxy which forwards HTTP header values which contain the LF character could allow HTTP re… | |||
| CVE-2021-41125 | medium | — | 5.5 | 5y ago | Scrapy is a high-level web crawling and scraping framework for Python. If you use `HttpAuthMiddleware` (i.e. the `http_user` and `http_pass` spider attributes) for HTTP authentication, all requests w… | |||
| CVE-2021-30151 | medium | — | 5.5 | 5y ago | Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used. | |||
| CVE-2021-34552 | medium | — | 5.5 | 5y ago | RHSA-2021:4149: python-pillow security update (Moderate) | |||
| CVE-2021-41116 | medium | — | 5.5 | 5y ago | Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should u… | |||
| CVE-2021-41103 | medium | — | 5.5 | 5y ago | Insufficiently restricted permissions on plugin directories in github.com/containerd/containerd | |||
| CVE-2021-3583 | medium | — | 5.5 | 5y ago | A flaw was found in Ansible, where a user's controller is vulnerable to template injection. This issue can occur through facts used in the template if the user is trying to put templates in multi-lin… | |||
| CVE-2021-2308 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2021-2390 | medium | — | 5.5 | 5y ago | RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate) |